
Re: Advantages and disadvantages of using CB64 type of identifiers



On 5-jul-04, at 17:41, Christian Huitema wrote:

but it definitely is a problem for *host* multihoming, e.g. a host with
a WiFi and a GPRS connection.

So what about a solution like NOID where this information is in the DNS?


I don't understand why you find it objectionable that someone would see which two IP addresses belong to the same host. I mean, what does this tell the third party?

As I understand it, the reason that RFC 3041 exists is because having a MAC-derived IP address allows a third party to follow a host's movement from one link to another. I can see why people wouldn't want that to happen. But I don't see how disclosure of a fixed relationship between two addresses or prefixes is similar. That is, unless multihoming is combined with some sort of mobility.

Come to think of it, the only way to not disclose these relations to
third parties is to (1) make sure that the identifier is not disclosed
as part of the IPv6 address and (2) make sure that the identifier is
only exchanged over an encrypted channel between the corresponding
hosts.

But you pretty much always need to inform the correspondent, and an attacker who can snoop a link will often be in the position to become a correspondent and thus learn the information. If there is no snooping there is no reason for encryption.
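The linkage discussed in this message, as an added example that is not part of the original post: a MAC-derived (modified EUI-64) interface identifier stays the same under every /64 prefix the host uses, so an observer can tie the addresses together, while a randomized identifier cannot be tied together this way. The MAC, the documentation prefixes and all function names are constructed for illustration, and `temporary_iid` is a plain random value standing in for RFC 3041's generation procedure.

```python
import ipaddress
import secrets
from collections import defaultdict

U_BIT = 0x02 << 56          # universal/local bit of a 64-bit interface identifier
IID_MASK = (1 << 64) - 1    # low 64 bits of an IPv6 address


def eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface identifier derived from a 48-bit MAC."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Insert ff:fe in the middle, then invert the universal/local bit.
    return int.from_bytes(raw[:3] + b"\xff\xfe" + raw[3:], "big") ^ U_BIT


def temporary_iid() -> int:
    """Random identifier with the u bit cleared (assumption: simplified)."""
    return secrets.randbits(64) & ~U_BIT


def address(prefix: str, iid: int) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with an interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def correlate(observed):
    """Return {iid: [prefixes]} for identifiers seen under more than one /64."""
    seen = defaultdict(set)
    for addr in observed:
        n = int(ipaddress.IPv6Address(str(addr)))
        seen[n & IID_MASK].add(ipaddress.IPv6Address(n & ~IID_MASK))
    return {iid: sorted(p) for iid, p in seen.items() if len(p) > 1}


if __name__ == "__main__":
    mac = "00:11:22:33:44:55"                        # constructed sample MAC
    links = ["2001:db8:a::/64", "2001:db8:b::/64"]   # documentation prefixes
    stable = [address(p, eui64_iid(mac)) for p in links]
    temp = [address(p, temporary_iid()) for p in links]
    print("MAC-derived:", stable, correlate(stable))
    print("randomized: ", temp, correlate(temp))
```
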